LDAP Connector Reference

Default Configuration

Parameters

Name Type Description Default Value Required

Name

String

The name for this configuration. Connectors reference the configuration with this name.

x

Connection

  • Basic Configuration

  • TLS Configuration

The connection types that can be provided to this configuration.

x

Expiration Policy

ExpirationPolicy

Configures the minimum amount of time that a dynamic configuration instance can remain idle before the runtime considers it eligible for expiration. This does not mean that the platform expires the instance at the exact moment that it becomes eligible. The runtime actually purges the instances when it sees fit.

Basic Configuration Type

Parameters

Name Type Description Default Value Required

Principal DN

String

x

Password

String

Authentication

String

URL

String

x

Reconnection

Reconnection

When the application is deployed, a connectivity test is performed on all connectors. If set to true, deployment fails if the test doesn’t pass after exhausting the associated reconnection strategy.

Type

Enumeration, one of:

  • JNDI

The implementation of the connection to be used.

JNDI

Schema Enabled

Boolean

If set to true, the LDAP connector uses the LDAP schema (only works for LDAP v3) to define the structure of the LDAP entry (or map). This needs to be 'true' in order to use DataSense as it affects the implementing class of org.mule.module.ldap.api.LDAPEntry attributes.

false

Referral

Enumeration, one of:

  • IGNORE

  • THROW

  • FOLLOW

Constant that holds the name of the environment property for specifying how referrals encountered by the service provider are to be processed (follow, ignore, throw).

IGNORE

Extended Configuration

Object

This is a Map instance holding extended configuration attributes that are used in the Context environment. When working with TLS connections, you need to make sure that the native LDAP pooling functionality is turned off. For example, if using JNDI, do not use attributes such as com.sun.jndi.ldap.connect.pool=true, which causes problems when using TLS.

Initial Pool Size

Number

The string representation of an integer that represents the number of connections per connection identity to create when initially creating a connection for the identity. To disable pooling, just set this value to 0 (zero).

1

Max Pool Size

Number

The string representation of an integer that represents the maximum number of connections per connection identity that can be maintained concurrently.

5

Pool Timeout

Number

The string representation of an integer that represents the number of milliseconds that an idle connection may remain in the pool without being closed and removed from the pool.

60000

TLS Configuration Type

Parameters

Name Type Description Default Value Required

Principal DN

String

x

Password

String

Authentication

String

URL

String

x

Reconnection

Reconnection

When the application is deployed, a connectivity test is performed on all connectors. If set to true, deployment fails if the test doesn’t pass after exhausting the associated reconnection strategy.

Type

Enumeration, one of:

  • JNDI

The implementation of the connection to be used.

JNDI

Schema Enabled

Boolean

If set to true, the LDAP connector uses the LDAP schema (only works for LDAP v3) to define the structure of the LDAP entry (or map). This needs to be 'true' to use DataSense as it affects the implementing class of org.mule.module.ldap.api.LDAPEntry attributes.

false

Referral

Enumeration, one of:

  • IGNORE

  • THROW

  • FOLLOW

Constant that holds the name of the environment property for specifying how referrals encountered by the service provider are to be processed (follow, ignore, throw).

IGNORE

Extended Configuration

Object

This is a Map instance holding extended configuration attributes to use in the Context environment. When working with TLS connections, you need to ensure that the native LDAP pooling functionality is turned off. For example, if using JNDI, do not use attributes such as com.sun.jndi.ldap.connect.pool=true, which causes problems when using TLS.

Supported Operations

  • Add Entry

  • Add Multi Value Attribute

  • Add Single Value Attribute

  • Bind

  • Delete

  • Delete Multi Value Attribute

  • Delete Single Value Attribute

  • Exists

  • LDAPEntry To LDIF

  • Lookup

  • Modify

  • Modify Multi Value Attribute

  • Modify Single Value Attribute

  • Paged Result Search

  • Rename

  • Search

  • Search One

  • Unbind

Operations

Add Entry

<ldap:add>

Creates a new LDAPEntry in the LDAP server. The entry should contain the distinguished name (DN), the objectClass attributes that define its structure and at least a value for all the required attributes. Required attributes depend on the object classes assigned to the entry. Refer to RFC 4519 for standard object classes and attributes.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

Entry

Object

The LDAPEntry that should be added.

#[payload]

Structural Object Class

String

The type of entry to add. If the entry doesn’t have the objectClass attribute set, then this one is used to retrieve the whole objectClass hierarchy. If performance is a requirement, don’t rely on this functionality, as several calls to the LDAP server are done to traverse the object class hierarchy.

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Add Multi Value Attribute

<ldap:add-multi-value-attribute>

Adds all the values for an attribute in an existing LDAP entry. If the entry already contains a value (or values) for an attributeName, then these values are added. The attribute should allow multiple values, or an exception is raised.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

DN

String

The DN of the LDAP entry to modify.

x

Attribute Name

String

The name of the attribute to add values to.

x

Attribute Values

Array of Any

The values for the attribute.

#[payload]

Ignore Invalid Attribute

Boolean

If the attribute value to add is already present, then don’t throw the INVALID_ATTRIBUTE error.

false

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Add Single Value Attribute

<ldap:add-single-value-attribute>

Adds a value for an attribute in an existing LDAP entry. If the entry already contains a value for the given attributeName, then this value is added (only if the attribute is multi value and the entry didn’t have the value already). If you want to add a value with a type different than String, then you can use the add-multi-value-attribute operation and define a single element list with the value.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

DN

String

The DN of the LDAP entry to modify.

x

Attribute Name

String

The name of the attribute to add a value to.

x

Attribute Value

String

The value for the attribute.

x

Ignore Invalid Attribute

Boolean

If the attribute value to add is already present, then don’t throw InvalidAttributeException.

false

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Bind

<ldap:bind>

Performs an LDAP bind (login) operation. After login, an LDAP connection pool is ready to use for other operations as the authenticated user. If no values are provided to override authDn and authPassword, this operation just re-binds (re-authenticates) the user and password defined in the config element. If new values are provided for authDn and authPassword, authentication is performed with those values.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

Principal DN

String

The Principal DN of the user.

Password

String

The Password for Principal DN.

Authentication

String

The type of authentication.

Target Variable

String

The name of a variable in which the operation’s output is placed.

Target Value

String

An expression to evaluate against the operation’s output; the outcome of that expression is stored in the target variable.

#[payload]

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

Output

Type

Object

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Delete Entry

<ldap:delete>

Deletes the LDAP entry represented by the provided distinguished name (DN). The entry must not have child entries; if it does, a CONTEXT_NOT_EMPTY error is thrown. This operation is idempotent. The operation succeeds even if the terminal atomic name is not bound in the target context, but throws a NAME_NOT_FOUND error if any of the intermediate contexts do not exist.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

DN

String

The DN of the LDAP entry to delete.

x

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Delete Multi Value Attribute

<ldap:delete-multi-value-attribute>

Deletes all the values matching attributeValues of the attribute defined by attributeName. Values that are not present in the entry are ignored. If no values are specified, then the whole attribute is deleted from the entry.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

DN

String

The DN of the LDAP entry to modify.

x

Attribute Name

String

The name of the attribute whose values are deleted.

x

Attribute Values

Array of Any

The values that should be deleted.

#[payload]

Ignore Invalid Attribute

Boolean

If the attribute or value to delete is not present, then don’t throw the INVALID_ATTRIBUTE error.

false

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Delete Single Value Attribute

<ldap:delete-single-value-attribute>

Deletes the value matching attributeValue of the attribute defined by attributeName. If the entry didn’t have the value, then the entry stays the same. If no value is specified, then the whole attribute is deleted from the entry. If you want to delete a value with a type different than String, then you can use the delete-multi-value-attribute operation and define a single element list with the value.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

DN

String

The DN of the LDAP entry to modify.

x

Attribute Name

String

The name of the attribute whose value is deleted.

x

Attribute Value

String

The value that should be deleted.

Ignore Invalid Attribute

Boolean

If the attribute or value to delete is not present, then don’t throw the INVALID_ATTRIBUTE error.

false

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Exists

<ldap:exists>

Checks whether an LDAP entry exists in the LDAP server or not.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

DN

String

The DN of the LDAP entry to retrieve.

x

Target Variable

String

The name of a variable in which the operation’s output is placed.

Target Value

String

An expression to evaluate against the operation’s output; the outcome of that expression is stored in the target variable.

#[payload]

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

Output

Type

Boolean

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

LDAPEntry To LDIF

<ldap:ldap-entry-to-ldif>

Transforms an LDAPEntry to a String in LDIF representation (RFC 2849).

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

Entry

Object

The LDAPEntry to transform to LDIF.

#[payload]

Target Variable

String

The name of a variable in which the operation’s output is placed.

Target Value

String

An expression to evaluate against the operation’s output; the outcome of that expression is stored in the target variable.

#[payload]

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

Output

Type

String

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Lookup

<ldap:lookup>

Retrieves an entry from the LDAP server based on its distinguished name (DN). Distinguished Names are the unique identifiers of an LDAP entry, so this method performs a search based on this ID and returns a single entry as the result, or throws an exception if the DN is invalid or doesn’t exist.

Use this operation instead of Search One (<ldap:search-one>) when you know the DN of the object you want to retrieve.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

DN

String

The DN of the LDAP entry to retrieve.

x

Attributes

Array of String

A list of the attributes to return in the result. If the attributes list is empty or null, then by default all LDAP entry attributes are returned.

Structural Object Class

String

The type of entry to return. Used only for DataSense purposes in the Anypoint Studio IDE. It has no impact at runtime, which is why it is optional.

Target Variable

String

The name of a variable in which the operation’s output is placed.

Target Value

String

An expression to evaluate against the operation’s output; the outcome of that expression is stored in the target variable.

#[payload]

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

Output

Type

Object

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Modify Entry

<ldap:modify>

Updates an existing LDAPEntry in the LDAP server. The entry should contain an existing distinguished name (DN), and at least a value for all the required attributes. Required attributes depend on the object classes assigned to the entry. You can refer to RFC 4519 for standard object classes and attributes.

When updating an LDAP entry, only the attributes in the entry passed as parameters are updated or added. If you need to delete an attribute, you should use the delete attribute operation.

Example: Updating one attribute and adding another.

Original LDAP server entry:

dn: cn=entry,ou=group,dc=company,dc=org
cn: entry
attr1: Value1
attr2: Value2
multi1: Value3
multi1: Value4
objectclass: top
objectclass: myentry

Entry map passed as a parameter:

dn: cn=entry,ou=group,dc=company,dc=org
attr1: NewValue
attr3: NewAttributeValue

Resulting LDAP server entry:

dn: cn=entry,ou=group,dc=company,dc=org
cn: entry
attr1: NewValue
attr2: Value2
multi1: Value3
multi1: Value4
attr3: NewAttributeValue
objectclass: top
objectclass: myentry

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

Entry

Object

The LDAPEntry that should be updated.

#[payload]

Structural Object Class

String

The type of entry to update. Used only for DataSense purposes in the Anypoint Studio IDE. It has no impact at runtime, which is why it is optional.

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Modify Multi Value Attribute

<ldap:modify-multi-value-attribute>

Updates (replaces) the value or values of the attribute defined by attributeName with the new values defined by attributeValues. If the attribute is not present in the entry, then the value is added.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

DN

String

The DN of the LDAP entry to modify.

x

Attribute Name

String

The name of the attribute whose values are updated.

x

Attribute Values

Array of Any

The new values for the attribute.

#[payload]

Ignore Invalid Attribute

Boolean

If the attribute value to modify is already present, then don’t throw the INVALID_ATTRIBUTE error.

false

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Modify Single Value Attribute

<ldap:modify-single-value-attribute>

Updates (replaces) the value or values of the attribute defined by attributeName with the new value defined by attributeValue. If the attribute is not present in the entry, then the value is added. To update a value with a type different than String, use the modify-multi-value-attribute operation and define a single element list with the value.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

DN

String

The DN of the LDAP entry to modify.

x

Attribute Name

String

The name of the attribute whose value is updated.

x

Attribute Value

String

The new value for the attribute.

x

Ignore Invalid Attribute

Boolean

If the attribute value to modify is already present, then don’t throw the INVALID_ATTRIBUTE error.

false

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Paged Result Search

<ldap:paged-result-search>

Performs an LDAP search and streams the result to the rest of the flow.

This means that instead of returning a list with all results, this operation partitions the LDAP search result into pages: individual entries if resultPageSize is 1, or lists of size resultPageSize otherwise.

This is an intercepting operation, which means that the rest of the flow executes once for each page (an individual entry if resultPageSize is 1, or a List of resultPageSize entries). Each execution returns a result, and these results are aggregated into a List of results.

For queries returning large results, use pagination; however, not all LDAP servers support this or are configured to support it. To use pagination, provide a page size value that’s less than or equal to the max results (count limit). If you get a size limit exceeded exception, ensure that the authenticated user has sufficient privileges, or that the LDAP server is not limited by its configuration. In that case, just reduce the value of the fetch size.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

Base DN

String

The base DN of the LDAP search.

x

Filter

String

A valid LDAP filter. The LDAP connector supports LDAP search filters as defined in RFC 2254.

x

Attributes

Array of String

A list of the attributes to return in the result. If the attributes list is empty or null, then by default all LDAP entry attributes are returned.

Scope

Enumeration, one of:

  • OBJECT

  • ONE_LEVEL

  • SUB_TREE

The scope of the search. Valid attributes are:

  • OBJECT: This value is used to indicate searching only the entry at the base DN, resulting in only that entry being returned (keeping in mind that it also has to meet the search filter criteria).

  • ONE_LEVEL: This value is used to indicate searching all entries one level under the base DN, but not including the base DN and not including any entries under that one level under the base DN.

  • SUB_TREE: This value is used to indicate searching of all entries at all levels under and including the specified base DN.

ONE_LEVEL

Timeout

Number

Search timeout in milliseconds. If the value is 0, this means to wait indefinitely.

0

Max Results

Number

The maximum number of entries to return as a result of the search. 0 indicates to return all entries.

0

Return Object

Boolean

Enables or disables returning objects that are returned as part of the result. If disabled, only the name and class of the object is returned. If enabled, the object is returned.

false

Page Size

Number

If the LDAP server supports paging results, set this attribute to the size of the page. If the pageSize is less than or equal to 0, paging is disabled.

0

Order by attribute

String

Name of the LDAP attribute used to sort results.

Ascending order?

Boolean

If orderBy is set, indicates whether to sort in ascending or descending order.

true

Structural Object Class

String

The type of entry to return. Used only for DataSense purposes in the Anypoint Studio IDE. It has no impact at runtime, which is why it is optional.

Fetch Size

Number

The maximum number of LDAP entries retrieved at once per page.

200

Streaming Strategy

  • repeatable-in-memory-iterable

  • repeatable-file-store-iterable

  • non-repeatable-iterable

Configure if repeatable streams should be used and their behavior.

Target Variable

String

The name of a variable in which the operation’s output is placed.

Target Value

String

An expression to evaluate against the operation’s output; the outcome of that expression is stored in the target variable.

#[payload]

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

Output

Type

Array of Object

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:UNKNOWN

Rename entry

<ldap:rename>

Renames an existing LDAP entry (moves an entry from a DN to another one).

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

Current DN

String

DN of the existing entry to rename.

x

New DN

String

Destination DN

x

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Search

<ldap:search>

Performs an LDAP search that returns a list of all resulting LDAP entries. For queries returning large results, use pagination; however, not all LDAP servers support this or are configured to support it. To use pagination, provide a page size value that’s less than or equal to the max results (count limit). If you get a size limit exceeded exception, ensure that the authenticated user has sufficient privileges, or that the LDAP server is not limited by its configuration.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

Base DN

String

The base DN of the LDAP search.

x

Filter

String

A valid LDAP filter. The LDAP connector supports LDAP search filters as defined in RFC 2254.

x

Attributes

Array of String

A list of the attributes to return in the result. If the attributes list is empty or null, by default all LDAP entry attributes are returned.

Scope

Enumeration, one of:

  • OBJECT

  • ONE_LEVEL

  • SUB_TREE

The scope of the search. Valid attributes are:

  • OBJECT: This value is used to indicate searching only the entry at the base DN, resulting in only that entry being returned (keeping in mind that it also has to meet the search filter criteria).

  • ONE_LEVEL: This value is used to indicate searching all entries one level under the base DN, but not including the base DN and not including any entries under that one level under the base DN.

  • SUB_TREE: This value is used to indicate searching of all entries at all levels under and including the specified base DN.

ONE_LEVEL

Timeout

Number

Search timeout in milliseconds. If the value is 0, this means to wait indefinitely.

0

Max Results

Number

The maximum number of entries to return as a result of the search. 0 indicates to return all entries.

0

Return Object

Boolean

Enables or disables objects returned as part of the result. If disabled, only the name and class of the object is returned. If enabled, the object is also returned.

false

Page Size

Number

If the LDAP server supports paging results, set this attribute to the size of the page. If the pageSize is less than or equal to 0, then paging is disabled.

0

Structural Object Class

String

The type of entry to return. Used only for DataSense purposes in the Anypoint Studio IDE. It has no impact at runtime, which is why it is optional.

Target Variable

String

The name of a variable in which the operation’s output is placed.

Target Value

String

An expression to evaluate against the operation’s output; the outcome of that expression is stored in the target variable.

#[payload]

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

Output

Type

Array of Object

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Search One

<ldap:search-one>

Performs an LDAP search that is supposed to return a unique result. If the search returns more than one result, a warning log message is generated and the first element of the result is returned. Use this operation instead of Lookup (<ldap:lookup>) when you don’t know the DN of the entry you need to retrieve but have a set of attributes that you know should return a single entry (for example, an email address).
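The Filter parameter of Search, Paged Result Search and Search One takes an RFC 2254 filter string, so a value placed into it must have the RFC's special characters escaped, otherwise a literal `*` or parenthesis changes what the filter matches. The following Python sketch is an added example, not code from the connector; its function names and sample values are assumptions made for illustration.

```python
import re

# RFC 2254 section 4: these characters must appear inside an assertion value
# as a backslash followed by their two-digit hexadecimal code.
_ESCAPES = {
    "\\": r"\5c",
    "*": r"\2a",
    "(": r"\28",
    ")": r"\29",
    "\x00": r"\00",
}

# Conservative check for an attribute description: a descriptor such as
# "mail" or "cn", optionally followed by ";option" parts.
_ATTRIBUTE = re.compile(r"[A-Za-z][A-Za-z0-9-]*(;[A-Za-z0-9-]+)*")


def escape_filter_value(value: str) -> str:
    """Escape one assertion value so it is matched literally."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def unescape_filter_value(escaped: str) -> str:
    """Reverse escape_filter_value by decoding every \\XX hex pair."""
    raw = re.sub(
        rb"\\([0-9A-Fa-f]{2})",
        lambda m: bytes([int(m.group(1), 16)]),
        escaped.encode("utf-8"),
    )
    return raw.decode("utf-8")


def equality_filter(attribute: str, value: str) -> str:
    """Build (attribute=value) with a validated name and an escaped value."""
    if not _ATTRIBUTE.fullmatch(attribute):
        raise ValueError(f"not a valid attribute description: {attribute!r}")
    return f"({attribute}={escape_filter_value(value)})"


def and_filter(*components: str) -> str:
    """Combine already-built filter components with the AND operator."""
    if not components:
        raise ValueError("an AND filter needs at least one component")
    return "(&" + "".join(components) + ")"


def literal_wildcards(filter_text: str) -> int:
    """Count '*' characters left in a filter; each one acts as a wildcard."""
    return filter_text.count("*")


if __name__ == "__main__":
    # Constructed sample value: a display name that contains filter syntax.
    display_name = "Acme (EU) *"

    # Unescaped: the parentheses and '*' are read as filter syntax.
    unescaped = f"(cn={display_name})"
    print(unescaped, "wildcards:", literal_wildcards(unescaped))

    # Escaped: the same value is matched character for character.
    escaped = and_filter(
        equality_filter("objectClass", "person"),
        equality_filter("cn", display_name),
    )
    print(escaped, "wildcards:", literal_wildcards(escaped))
```

For Search One, a wildcard count of zero in the finished filter is a cheap check that the lookup can only match on the exact value supplied.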

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

Base DN

String

The base DN of the LDAP search.

x

Filter

String

A valid LDAP filter. The LDAP connector supports LDAP search filters as defined in RFC 2254.

x

Attributes

Array of String

A list of the attributes to return in the result. If the attributes list is empty or null, then by default all LDAP entry attributes are returned.

Scope

Enumeration, one of:

  • OBJECT

  • ONE_LEVEL

  • SUB_TREE

The scope of the search. Valid attributes are:

  • OBJECT: Indicates to search only for the entry at the base DN, resulting in only that entry being returned (keep in mind that it also has to meet the search filter criteria).

  • ONE_LEVEL: Indicates to search for all entries one level under the base DN, but not including the base DN and not including any entries under that one level under the base DN.

  • SUB_TREE: Indicates to search for all entries at all levels under and including the specified base DN.

ONE_LEVEL

Timeout

Number

Search timeout in milliseconds. If the value is 0, this means to wait indefinitely.

0

Max Results

Number

The maximum number of entries to return as a result of the search. 0 indicates to return all entries.

0

Return Object

Boolean

Enables or disables returning objects as part of the result. If disabled, only the name and class of the object is returned. If enabled, the object is also returned.

false

Structural Object Class

String

The type of entry to return. Used only for DataSense purposes in the Anypoint Studio IDE. It has no impact at runtime, which is why it is optional.

Target Variable

String

The name of a variable in which the operation’s output is placed.

Target Value

String

An expression to evaluate against the operation’s output; the outcome of that expression is stored in the target variable.

#[payload]

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

Output

Type

Object

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Unbind

<ldap:unbind>

Closes the current connection, forcing the login operation (bind) the next time it is used.

Parameters

Name Type Description Default Value Required

Configuration

String

The name of the configuration to use.

x

Reconnection Strategy

  • reconnect

  • reconnect-forever

A retry strategy in case of connectivity errors.

For Configurations

  • config

Throws

  • LDAP:COMMUNICATION

  • LDAP:CONNECTIVITY

  • LDAP:CONTEXT_NOT_EMPTY

  • LDAP:INVALID_ATTRIBUTE

  • LDAP:INVALID_ENTRY

  • LDAP:NAME_ALREADY_BOUND

  • LDAP:NAME_NOT_FOUND

  • LDAP:OPERATION_NOT_SUPPORTED

  • LDAP:PERMISSION

  • LDAP:RETRY_EXHAUSTED

  • LDAP:UNKNOWN

Reconnection Type

Field Type Description Default Value Required

Fails Deployment

Boolean

When the application is deployed, a connectivity test is performed on all connectors. If set to true, deployment fails if the test doesn’t pass after exhausting the associated reconnection strategy.

Reconnection Strategy

  • reconnect

  • reconnect-forever

The reconnection strategy to use.

Reconnect Type

Field Type Description Default Value Required

Frequency

Number

How often in milliseconds to reconnect.

Count

Number

How many reconnection attempts to make.

Reconnect Forever Type

Field Type Description Default Value Required

Frequency

Number

How often in milliseconds to reconnect.

Expiration Policy Type

Field Type Description Default Value Required

Max Idle Time

Number

A scalar time value for the maximum amount of time a dynamic configuration instance should be allowed to be idle before it’s considered eligible for expiration.

Time Unit

Enumeration, one of:

  • NANOSECONDS

  • MICROSECONDS

  • MILLISECONDS

  • SECONDS

  • MINUTES

  • HOURS

  • DAYS

A time unit that qualifies the maxIdleTime attribute.

Repeatable In-Memory Iterable Type

Field Type Description Default Value Required

Initial Buffer Size

Number

This is the number of instances to initially allow to be kept in memory to consume the stream and provide random access to it. If the stream contains more data than can fit into this buffer, the buffer expands according to the bufferSizeIncrement attribute, with an upper limit of maxInMemorySize. Default value is 100 instances.

Buffer Size Increment

Number

This is by how much the buffer size expands if it exceeds its initial size. Setting a value of zero or lower means that the buffer should not expand, and to raise a STREAM_MAXIMUM_SIZE_EXCEEDED error when the buffer gets full. Default value is 100 instances.

Max Buffer Size

Number

This is the maximum amount of memory to use. If more than that is used, then a STREAM_MAXIMUM_SIZE_EXCEEDED error is raised. A value lower than or equal to zero means no limit.

Repeatable File Store Iterable Type

Field Type Description Default Value Required

Max In Memory Size

Number

This is the maximum amount of instances to keep in memory. If more than that is required, then it starts to buffer the content on disk.

Buffer Unit

Enumeration, one of:

  • BYTE

  • KB

  • MB

  • GB

The unit in which maxInMemorySize is expressed.